From 05e144f5efb3f82e93da6f2fa0283cf10f5662c5 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 6 Jun 2017 09:43:25 +0000
Subject: Retire several CVEs

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5347 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2017-7261 | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 retired/CVE-2017-7261

(limited to 'retired/CVE-2017-7261')

diff --git a/retired/CVE-2017-7261 b/retired/CVE-2017-7261
new file mode 100644
index 00000000..e02f0dd1
--- /dev/null
+++ b/retired/CVE-2017-7261
@@ -0,0 +1,19 @@
+Description: drm/vmwgfx: check that number of mip levels is above zero
+References:
+ https://lists.freedesktop.org/archives/dri-devel/2017-March/136814.html
+ https://bugzilla.redhat.com/show_bug.cgi?id=1435719
+ https://marc.info/?t=149037004200005&r=1&w=2
+ https://cgit.freedesktop.org/mesa/vmwgfx/commit/?id=e904061d2c8968429954be87ad1cc45526510812
+Notes:
+ bwh> This seems to have been discovered independently by Murray
+ bwh> McAllister, Vladis Dronov and Li Qiang, resulting in three
+ bwh> slightly different fixes.  Murray McAllister's version was
+ bwh> applied upstream.
+Bugs:
+upstream: released (4.11-rc6) [36274ab8c596f1240c606bb514da329add2a1bcd]
+4.9-upstream-stable: released (4.9.22) [73ab72517b61ce4b27ceddec47dd5d6edafb556a]
+3.16-upstream-stable: released (3.16.44) [61cabe967321767052498032178d56a1ea03a7bc]
+3.2-upstream-stable: released (3.2.89) [20996e6d81c907b10a5ab57c4172be97cb1a7de1]
+sid: released (4.9.18-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
-- 
cgit v1.2.3